Secure Email Gateway

Secure Email service is provided to all CUMC departments using the CUMC IT Exchange system to assist the organization in meeting IT security compliance and regulatory requirements. The Secure Email service encrypts email sent to external recipients such as Hotmail, AOL, Gmail, etc. This service should not be used for internal communication, for example, emails sent to med.cornell.edu, CUMC, NYP or columbia.edu.

To send messages using the Secure Email Gateway, you must have a CUMC IT Exchange email account. These end in @cumc.columbia.edu.

Compose your message as usual, with the following at the very beginning of the email's Subject line:#encrypt

After typing #encrypt you can add more to the end of the Subject line if desired.

Send the message as usual when ready.

Receiving an Encrypted Email
The following instructions are for recipients of an Encrypted Email message (i.e. those with a non-institutional email address such as gmail.com, etc.)

The recipient will see the following when they first open the message:

Selecting the Click here link in the middle of the message or links to View or Download the SecureMessageAtt.html attachment will open a new web browser window and prompt you to either register or login to the CUMC Encrypted Email site.

The message may take one to two minutes to be able to be viewed; if you see a "session timeout" message, wait a few minutes and select the Click here link to try again.

The More Info link will open instructions on using CUMC secure email.

After selecting Click here or the links to View or Download, the CUMC Encrypted Email site will appear with a prompt to register or login:

If you have not used the CUMC Encrypted Email site for your email address before, a Registration window will appear.
Fill out the form with your First and Last Name, then select a Password for the Encrypted Email site.

Information on password requirements (must be 7-20 characters long, at least one digit is required, and the username cannot be part of the password) are shown when your cursor is in the Password or Confirm Password fields.

If you have used the CUMC Encrypted Email site before you will be prompted to login. Type in the Password you had already selected for the Encrypted Email site and select the Continue link to the bottom right of the window.

If you cannot remember your password for the Encrypted Email site see below for help.

After successful registration or login, the browser will show the full message.

Please note that you are not permitted to forward the email to external addresses other than the sender's domain (@cumc.columbia.edu in the above picture), or other CUMC related domains: @med.cornell.edu, @nyp.org, @columbia.edu and @cumc.columbia.edu.

You can use the Reply or Reply All links to the upper left of the message to respond to the sender and others copied in the message.

Select the Logout link in the upper right corner of the message window when done.

NOTE: The Click here link in the original message expires after 7 days. To view the message after this, select the Download link next to the "SecureMessageAtt.html" attachment.

Login and Password Issues

The Secure Email portal allows 8 incorrect password attempts before the account is locked. It will remain locked for one minute, after which you may try again or request a password reset.

Select the Forgot Password link in the lower right of the login screen to have a password reset request sent to your email address.

After a few moments you will receive a password reset email. Select the link in the message to reset your password for the CUMC Encrypted Email site.

Note that the reset link can only be used once and must be used within 30 minutes or it expires.

The link will open a browser window prompting to Enter a new password for your account. Type in your desired password in both the New password and Confirm password fields, then select Continue.

If you are not able to successfully reset your password please send an email to CUMC IT support at 5help@columbia.edu from the email account that received the secure message.